﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Data.SqlClient;
using System.Configuration;
using System.Data;

public partial class customer_service_user_change_pin : System.Web.UI.Page
{
    string strConnString = ConfigurationManager.ConnectionStrings["ConnectionString"].ConnectionString;
    string str = null;
    SqlCommand com;
    byte up;
    protected void Page_Load(object sender, EventArgs e)
    {
        ((AfterLogin)this.Master).mainCategory = "SERVICE";

        if (IsPostBack == false)
        {

            //SqlConnection con = new SqlConnection();
            //con.ConnectionString = ConfigurationManager.ConnectionStrings["ConnectionString"].ConnectionString;

            //string oldPwd = tbCurrentPin.Text;
            //string newPwd = tbNewPin.Text;
            //string confirmPwd = tbConfirm.Text;

            ////string sql = "Update CUSTOMER set custPassword= " + newPwd;
            ////sql = sql + " where custID = '" + Session["userId"] + "'";
            ////SqlCommand cmd = new SqlCommand();
            ////cmd.CommandText = sql;
            ////cmd.Connection = con;


            //con.Open();
            //string str = "select custPassword from CUSTOMER where custID = '" + Session["userId"] + "'";
            //SqlCommand com = new SqlCommand(str, con);
            //SqlDataReader reader = com.ExecuteReader();
            //while (reader.Read())
            //{
            //    if (tbCurrentPin.Text == reader["custPassword"].ToString())
            //    {
            //       con.Open();
            //    string sql = "Update CUSTOMER set custPassword= " + newPwd;
            //    sql = sql + " where custID = '" + Session["userId"] + "'";
            //    com = new SqlCommand(str, con);
            //    com.ExecuteNonQuery();
            //    con.Close();
            //    lbChange.Text = "Password changed Successfully";
            //    }
            //else
            //{
            //    lbChange.Text = "Please enter correct Current password";
            //} 
            //}
            //reader.Close();
            //con.Close();




            ////try
            ////{
            ////    con.Open();
            ////    cmd.ExecuteNonQuery();
            ////    lbChange.Text = "Changed successfully";
            ////}
            ////catch (Exception ex)
            ////{
            ////}
            ////finally
            ////{
            ////    con.Close();
            ////    con.Dispose();
            ////    cmd.Dispose();
            ////}
        }
    }
    protected void btnChange_Click(object sender, EventArgs e)
    {
        SqlConnection con = new SqlConnection(strConnString);
            con.Open();
            str = "select custPassword from CUSTOMER ";
            com = new SqlCommand(str, con);
            SqlDataReader reader = com.ExecuteReader();
            while (reader.Read())
            {
                if (tbCurrentPin.Text == reader["custPassword"].ToString())
                {
                    up = 1;
                }
            }
            reader.Close();
            con.Close();
            if (up == 1)
            {
                con.Open();
                str = " Update CUSTOMER set custPassword=@Password where custID = '" + Session["userId"] + "'";
                com = new SqlCommand(str, con);
                com.Parameters.Add(new SqlParameter("@Password", SqlDbType.VarChar, 50));
                com.Parameters["@Password"].Value = tbNewPin.Text;
                com.ExecuteNonQuery();
                con.Close();
                lbChange.Text = "Password changed successfully";

                Alert alert = new Alert();
                alert.addAlertPersonalPin((String)Session["userId"],"You had changed your login PASSWORD.","");
            }
            else
            {
                lbChange.Text = "Please enter correct current password";
            }
        } 
        
    }
